{{!
  Copyright (c) HashiCorp, Inc.
  SPDX-License-Identifier: BUSL-1.1
}}

<div class="has-bottom-margin-s">
  {{#if (eq @policyType "acl")}}
    <p data-test-example-modal-text="acl">
      <Hds::Link::Inline @isHrefExternal={{true}} @href={{doc-link "/vault/tutorials/get-started/introduction-policies"}}>ACL
        Policies</Hds::Link::Inline>
      are written in Hashicorp Configuration Language (
      <Hds::Link::Inline @isHrefExternal={{true}} @href="https://github.com/hashicorp/hcl">HCL</Hds::Link::Inline>
      ) or JSON and describe which paths in Vault a user or machine is allowed to access. Here is an example policy:
    </p>
  {{else if (eq @policyType "rgp")}}
    <p class="has-bottom-margin-s" data-test-example-modal-text="rgp">
      Role Governing Policies (RGPs) are tied to client tokens or identities which is similar to
      <Hds::Link::Inline @isHrefExternal={{true}} @href={{doc-link "/vault/tutorials/policies/policies"}}>ACL policies</Hds::Link::Inline>.
      They use
      <Hds::Link::Inline
        @isHrefExternal={{true}}
        @href={{doc-link "/vault/docs/enterprise/sentinel"}}
      >Sentinel</Hds::Link::Inline>
      as a language framework to enable fine-grained policy decisions.
    </p>
    <p>
      Here is an example policy that uses RGP to restrict access to the
      <Hds::Text::Code class="code-in-text">admin</Hds::Text::Code>
      policy such that a user named "James Thomas" or has the
      <Hds::Text::Code class="code-in-text">Team Lead</Hds::Text::Code>
      role can manage the
      <Hds::Text::Code class="code-in-text">admin</Hds::Text::Code>
      policy:
    </p>
  {{else}}
    <p class="has-bottom-margin-s" data-test-example-modal-text="egp">
      Endpoint Governing Policies (EGPs) are tied to particular paths (e.g.
      <Hds::Text::Code class="code-in-text">aws/creds/</Hds::Text::Code>
      ) instead of tokens. They use
      <Hds::Link::Inline
        @isHrefExternal={{true}}
        @href="https://docs.hashicorp.com/sentinel/language"
      >Sentinel</Hds::Link::Inline>
      as a language to access
      <Hds::Link::Inline
        @isHrefExternal={{true}}
        @href={{doc-link "/vault/docs/enterprise/sentinel/properties"}}
      >properties</Hds::Link::Inline>
      of the incoming requests.
    </p>
    <p>
      Here is an example policy that fulfills the requirement of an incoming request to be performed during the business
      hours 7:00am to 6:00pm on work days:
    </p>
  {{/if}}
</div>
<Hds::CodeBlock @value={{get this.policyTemplates @policyType}} @language="ruby" @hasCopyButton={{true}} />
<div class="has-bottom-margin-m has-top-padding-s">
  <p>
    More information about
    {{uppercase @policyType}}
    policies can be found
    <Hds::Link::Inline
      @isHrefExternal={{true}}
      @href={{doc-link (get this.moreInformationLinks @policyType)}}
      data-test-example-modal-information-link
    >
      here.
    </Hds::Link::Inline>
  </p>
</div>